Legal claims defining the scope of protection, as filed with the USPTO.
1. A microprocessor system, implementable or implemented in a mobile terminal and comprising: a normal operation system configured to generate and maintain an insecure runtime environment, a security operating system configured to generate and maintain a secure runtime environment, an operating system interface between the normal operating system and the security operating system, the operating system interface configured to securely control communication between the insecure runtime environment and the secure runtime environment at the operating system level, a filter interface configured to securely control communication between the insecure runtime environment and the secure runtime environment at a level different from the operating system level, a normal driver for a peripheral structure of the mobile terminal, the normal driver being drivable by the normal operating system and being executable in the insecure runtime environment, and a reduced driver for the peripheral structure, the reduced driver being drivable by the security operating system, executable in the secure runtime environment, and having only a subset of the functionalities of the normal driver that is executable in the insecure runtime environment, wherein the filter interface is an application filter interface configured to securely control communication between the insecure runtime environment and the secure runtime environment within said microprocessor system at the application level.
2. The microprocessor system as claimed in claim 1, wherein the filter interface is a hardware filter interface configured to securely control communication between the insecure runtime environment and the secure runtime environment at the hardware level.
3. The microprocessor system as claimed in claim 2, wherein the secure control communication at the hardware level is effected via a bus system.
4. The microprocessor system as claimed in claim 2, wherein the hardware filter interface is configured to securely control communication at the hardware level between the normal driver for a peripheral structure that is executable in the insecure runtime environment and the reduced driver for the peripheral structure that is executable in the secure runtime environment.
5. The microprocessor system as claimed in claim 4, wherein the hardware filter interface is configured to check accesses directed to the driver for a peripheral structure with regard to relevance to security and, in the case where the access is identified as relevant to security, to convey the access to the reduced driver in the secure runtime environment and, in the case where the access is identified as not relevant to security, to convey the access to the normal driver in the insecure runtime environment.
6. The microprocessor system as claimed in claim 1, further comprising: at least one application, wherein the application is at least partly drivable by the normal operating system and executable in the insecure runtime environment, at least partly drivable by the security operating system, and executable in the secure runtime environment, wherein the application filter interface is configured to securely control communication between the at least partial application that is executable in the insecure runtime environment and the at least partial application that is executable in the secure runtime environment at the application level.
7. The microprocessor system as claimed in claim 6, wherein the application filter interface is configured to check accesses directed to the application with regard to relevance to security and, in the case where the access is identified as relevant to security, to convey the access to the at least partial application in the secure runtime environment and, in the case where the access is identified as not relevant to security, to convey the access to the at least partial application in the insecure runtime environment.
8. The microprocessor system as claimed in claim 1, wherein the filter interface is coupled to a user output device in such a way that on the occasion of any access effected via the filter interface from the insecure runtime environment to the secure runtime environment or from the secure runtime environment to the insecure runtime environment, a user message perceptible to a user of the microprocessor system is output by the user output device.
9. The microprocessor system as claimed in claim 8, wherein the filter interface is coupled to the user output device in such a way that for accesses from the insecure runtime environment to the secure runtime environment and from the secure runtime environment to the insecure runtime environment different user outputs, distinguishable to the user, are output.
January 23, 2018